IonMonkey: Guarantee 8-byte alignment for locals.

(Component: JavaScript Engine)
(Reporter: sstangl, Assigned: sstangl)


(Whiteboard: [ion:t])



7 years ago
We intend locals to be 8-byte aligned. This is trivial on x64 due to word size, but bothersome on x86: there, sizeof(IonFramePrefix) is not a multiple of 8, so we need logic that potentially inserts padding based on the number of arguments. Except sometimes we forget about that padding, for example with calls. It is annoying.

We can prevent future errors involving 8-byte alignment by adding another pointer-sized value to IonFrameData. Then the only part of the code that needs to care about alignment is the initial C -> JS trampoline. Other places in the codebase can assume an initial 8-byte alignment and assert that the components being placed on the stack are sized to a multiple of 8.

We considered using that space for marking frame type (entry, normal, rectifier), but that serves the purpose of a single additional bit hidden in the overloaded sizeDescriptor. Since we don't need that space to store any data, and x64 already has sizeof(IonFramePrefix) % 8 == 0, we might as well have divergent implementations of IonFrameData, with x64 not getting additional useless padding.
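As an added illustration (not code from the bug or from IonMonkey), the C below models the alignment argument with a constructed three-word stand-in for the frame prefix: `FramePrefixBefore`, `FramePrefixAfter`, `trampoline_padding` and `prefix_is_aligned` are hypothetical names, and the real IonFramePrefix/IonFrameData layout is not reproduced. It shows that the stand-in is 8-byte aligned only on 64-bit, that one extra pointer-sized word fixes that on 32-bit, and that the parity of the argument count still has to be handled once, in the C -> JS trampoline.

```c
#include <stddef.h>
#include <stdint.h>

#define FRAME_ALIGN 8

/* Constructed stand-in for the prefix pushed in front of locals: three
 * pointer-sized words. 12 bytes on x86 (12 % 8 == 4), 24 bytes on x64. */
struct FramePrefixBefore {
    void      *calleeToken;
    uintptr_t  sizeDescriptor;
    void      *returnAddress;
};

/* The proposal from the bug: add one more pointer-sized word, but only on
 * the word size where the prefix is not already a multiple of 8. */
struct FramePrefixAfter {
    void      *calleeToken;
    uintptr_t  sizeDescriptor;
    void      *returnAddress;
#if UINTPTR_MAX == 0xFFFFFFFFu
    uintptr_t  alignmentPadding;   /* x86 only: 16 bytes total */
#endif
};

/* Compile-time check, in the spirit of "assert that components placed on the
 * stack are sized to a multiple of 8": fails to build if the prefix is not. */
typedef char prefix_must_be_8_aligned[
    (sizeof(struct FramePrefixAfter) % FRAME_ALIGN == 0) ? 1 : -1];

int prefix_is_aligned(size_t prefix_size) {
    return prefix_size % FRAME_ALIGN == 0;
}

/* Bytes the C -> JS trampoline must reserve so that, after pushing `argc`
 * word-sized arguments plus a prefix of `prefix_size` bytes onto an 8-byte
 * aligned entry stack pointer, the locals start 8-byte aligned. With a
 * multiple-of-8 prefix this depends only on argc, and only here. */
size_t trampoline_padding(size_t argc, size_t word, size_t prefix_size) {
    size_t pushed = argc * word + prefix_size;
    return (FRAME_ALIGN - pushed % FRAME_ALIGN) % FRAME_ALIGN;
}
```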